This patch series adds xfrm metadata helpers using the unstable kfunc call interface for the TC-BPF hooks.
This allows steering traffic towards different IPsec connections based on logic implemented in bpf programs.
The helpers are integrated into the xfrm_interface module. For this purpose the main functionality of this module is moved to xfrm_interface_core.c.
Eyal Birger (3): xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c xfrm: interface: Add unstable helpers for setting/getting XFRM metadata from TC-BPF selftests/bpf: add xfrm_info tests
include/net/dst_metadata.h | 1 + include/net/xfrm.h | 20 + net/core/dst.c | 8 +- net/xfrm/Makefile | 8 + net/xfrm/xfrm_interface_bpf.c | 100 +++++ ...xfrm_interface.c => xfrm_interface_core.c} | 15 + tools/testing/selftests/bpf/config | 2 + .../selftests/bpf/prog_tests/test_xfrm_info.c | 343 ++++++++++++++++++ .../selftests/bpf/progs/test_xfrm_info_kern.c | 74 ++++ 9 files changed, 569 insertions(+), 2 deletions(-) create mode 100644 net/xfrm/xfrm_interface_bpf.c rename net/xfrm/{xfrm_interface.c => xfrm_interface_core.c} (98%) create mode 100644 tools/testing/selftests/bpf/prog_tests/test_xfrm_info.c create mode 100644 tools/testing/selftests/bpf/progs/test_xfrm_info_kern.c